fix: move ownership into auth fn

2026-01-16 15:06:37 +01:00 · 2025-03-21 08:01:04 +01:00
parent b4cf020f36
commit 42e63600a1
4 changed files with 8 additions and 11 deletions
--- a/crates/common/src/storage/types/user.rs
+++ b/crates/common/src/storage/types/user.rs
@@ -122,8 +122,8 @@ impl User {
    }

    pub async fn authenticate(
-        email: String,
-        password: String,
+        email: &str,
+        password: &str,
        db: &SurrealDbClient,
    ) -> Result<Self, AppError> {
        let user: Option<User> = db
@@ -133,8 +133,8 @@ impl User {
                WHERE email = $email 
                AND crypto::argon2::compare(password, $password)",
            )
-            .bind(("email", email))
-            .bind(("password", password))
+            .bind(("email", email.to_owned()))
+            .bind(("password", password.to_owned()))
            .await?
            .take(0)?;
        user.ok_or(AppError::Auth("User failed to authenticate".into()))
--- a/crates/composite-retrieval/src/answer_retrieval.rs
+++ b/crates/composite-retrieval/src/answer_retrieval.rs
@@ -5,12 +5,7 @@ use async_openai::{
        CreateChatCompletionRequest, CreateChatCompletionRequestArgs, CreateChatCompletionResponse,
        ResponseFormat, ResponseFormatJsonSchema,
    },
-    MessageFiles,
 };
-use serde::Deserialize;
-use serde_json::{json, Value};
-use tracing::debug;
-
 use common::{
    error::AppError,
    storage::{
@@ -21,6 +16,8 @@ use common::{
        },
    },
 };
+use serde::Deserialize;
+use serde_json::{json, Value};

 use crate::retrieve_entities;

--- a/crates/html-router/src/routes/account.rs
+++ b/crates/html-router/src/routes/account.rs
@@ -127,7 +127,7 @@ pub async fn change_password(
    Form(form): Form<NewPasswordForm>,
 ) -> Result<impl IntoResponse, HtmlError> {
    // Authenticate to make sure the password matches
-    let authenticated_user = User::authenticate(user.email, form.old_password, &state.db).await?;
+    let authenticated_user = User::authenticate(&user.email, &form.old_password, &state.db).await?;

    User::patch_password(&authenticated_user.email, &form.new_password, &state.db).await?;

--- a/crates/html-router/src/routes/signin.rs
+++ b/crates/html-router/src/routes/signin.rs
@@ -42,7 +42,7 @@ pub async fn authenticate_user(
    auth: AuthSessionType,
    Form(form): Form<SignupParams>,
 ) -> Result<impl IntoResponse, HtmlError> {
-    let user = match User::authenticate(form.email, form.password, &state.db).await {
+    let user = match User::authenticate(&form.email, &form.password, &state.db).await {
        Ok(user) => user,
        Err(_) => {
            return Ok(Html("<p>Incorrect email or password </p>").into_response());